GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,793
Erlang
29
GitHub Actions
16
Go
1,710
Maven
4,947
npm
3,475
NuGet
605
pip
3,001
Pub
10
RubyGems
828
Rust
773
Swift
34
Unreviewed advisories
All unreviewed
5,000+
1,066 advisories
Filter by severity
Uncontrolled resource consumption vulnerability in XAMPP Windows, versions 7.3.2 and earlier....
High
Unreviewed
CVE-2024-5055
was published
May 17, 2024
Denial of Service (DoS) vulnerability for Cerberus Enterprise 8.0.10.3 web administration. The...
High
Unreviewed
CVE-2024-5052
was published
May 17, 2024
The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE...
High
Unreviewed
CVE-2024-4438
was published
May 8, 2024
The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE...
High
Unreviewed
CVE-2024-4437
was published
May 8, 2024
The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE...
High
Unreviewed
CVE-2024-4436
was published
May 8, 2024
Minder's GitHub Webhook Handler vulnerable to DoS from un-validated requests
High
CVE-2024-34084
was published
for
github.com/stacklok/minder
(Go)
May 7, 2024
Remote denial of service vulnerability in LAN Messenger affecting version 3.4.0. This...
High
Unreviewed
CVE-2024-4599
was published
May 7, 2024
go-ethereum vulnerable to DoS via malicious p2p message
High
CVE-2024-32972
was published
for
github.com/ethereum/go-ethereum
(Go)
May 6, 2024
Inductive Automation Ignition ConditionRefresh Resource Exhaustion Denial-of-Service...
High
Unreviewed
CVE-2023-39477
was published
May 3, 2024
Softing edgeConnector Siemens ConditionRefresh Resource Exhaustion Denial-of-Service...
High
Unreviewed
CVE-2023-27334
was published
May 3, 2024
Yamux Memory Exhaustion Vulnerability via Active::pending_frames property
High
CVE-2024-32984
was published
for
yamux
(Rust)
May 1, 2024
Denial of service condition in M-Files Server in versions before 24.4.13592.4 and after 23.11 ...
High
Unreviewed
CVE-2024-4056
was published
Apr 26, 2024
An incomplete fix was shipped for the Rapid Reset (CVE-2023-44487/CVE-2023-39325) vulnerability...
High
Unreviewed
CVE-2023-6596
was published
Apr 25, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.5 before 16...
High
Unreviewed
CVE-2024-2829
was published
Apr 25, 2024
A Denial of Service (DoS) vulnerability exists in the mintplex-labs/anything-llm repository when...
High
Unreviewed
CVE-2024-3569
was published
Apr 10, 2024
DHCP Server Service Denial of Service Vulnerability
High
Unreviewed
CVE-2024-26215
was published
Apr 9, 2024
DHCP Server Service Denial of Service Vulnerability
High
Unreviewed
CVE-2024-26212
was published
Apr 9, 2024
QUIC's Connection ID Mechanism vulnerable to Memory Exhaustion Attack
High
CVE-2024-22189
was published
for
github.com/quic-go/quic-go
(Go)
Apr 2, 2024
IBM Common Cryptographic Architecture (CCA) 7.0.0 through 7.5.36 could allow a remote user to...
High
Unreviewed
CVE-2023-47150
was published
Mar 26, 2024
XNIO denial of service vulnerability
High
CVE-2023-5685
was published
for
org.jboss.xnio:xnio-api
(Maven)
Mar 22, 2024
Memory leaks in code encrypting and verifying RSA payloads
High
CVE-2024-1394
was published
for
github.com/golang-fips/go
(Go)
Mar 20, 2024
tls-listener affected by the slow loris vulnerability with default configuration
High
CVE-2024-28854
was published
for
tls-listener
(Rust)
Mar 15, 2024
Microsoft Security Advisory CVE-2024-21392: .NET Denial of Service Vulnerability
High
CVE-2024-21392
was published
for
Microsoft.NETCore.App.Runtime.linux-arm
(NuGet)
Mar 12, 2024
A vulnerability in the External Border Gateway Protocol (eBGP) implementation of Cisco NX-OS...
High
Unreviewed
CVE-2024-20321
was published
Feb 29, 2024
Connection leaking on idle timeout when TCP congested
High
CVE-2024-22201
was published
for
org.eclipse.jetty.http2:http2-common
(Maven)
Feb 26, 2024
ProTip!
Advisories are also available from the
GraphQL API